julien.escario
/
acme.sh
forked from Github/acme.sh
1
0
Fork 0
Code Pull Requests Releases Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3302 Commits
7 Branches
0 Tags
6.8 MiB
Tree: 5fac282ee0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5fac282ee0'
${ noResults }
acme.sh/dnsapi/dns_one.sh

276 lines
7.5 KiB
Raw Normal View History

initial commit
6 years ago
updated to work with one.com rev command not found on OpenWrt CURL does not work, using wget JSESSIONID replaced with OneSIDCrmAdmin CSRF_G_TOKEN not needed
6 years ago
Update to work with new one.com procedure Since some Months, its no longer possible to add TXT Records with the Name "_acme-challenge" to the base domain. To override the fallback value, you must use a CNAME and proxy it. For example. CNAME _acme-challenge.yourdomain.com => proxy_acme-challenge.yourdomain.com The TXT Records have to be created on proxy_acme-challenge.yourdomain.com Since the default CNAME TTL is 3600 seconds, it is recommended to leave the CNAME record. But if you would like to use the build-in SSL (for your web-site etc.) from one.com, you have to delete the record. A new variable "ONECOM_KeepCnameProxy" you can set in the account.conf is used to keep the CNAME record. By default the CNAME record will be removed. For ex.: SAVED_ONECOM_KeepCnameProxy='1' to keep the CNAME Record and speedup the process.
5 years ago
initial commit
6 years ago
Revert parameter changes Revert ONECOM_PASSWORD back to ONECOM_Password and ONECOM_USER back to ONECOM_User
6 years ago
initial commit
6 years ago
updated to work with one.com rev command not found on OpenWrt CURL does not work, using wget JSESSIONID replaced with OneSIDCrmAdmin CSRF_G_TOKEN not needed
6 years ago
initial commit
6 years ago
try to remove errors in travis-ci
6 years ago
Updated to work with curl Now works with curl. Check the root domain.
6 years ago
updated to work with one.com rev command not found on OpenWrt CURL does not work, using wget JSESSIONID replaced with OneSIDCrmAdmin CSRF_G_TOKEN not needed
6 years ago
Updated to work with curl Now works with curl. Check the root domain.
6 years ago
updated to work with one.com rev command not found on OpenWrt CURL does not work, using wget JSESSIONID replaced with OneSIDCrmAdmin CSRF_G_TOKEN not needed
6 years ago
Update to work with new one.com procedure Since some Months, its no longer possible to add TXT Records with the Name "_acme-challenge" to the base domain. To override the fallback value, you must use a CNAME and proxy it. For example. CNAME _acme-challenge.yourdomain.com => proxy_acme-challenge.yourdomain.com The TXT Records have to be created on proxy_acme-challenge.yourdomain.com Since the default CNAME TTL is 3600 seconds, it is recommended to leave the CNAME record. But if you would like to use the build-in SSL (for your web-site etc.) from one.com, you have to delete the record. A new variable "ONECOM_KeepCnameProxy" you can set in the account.conf is used to keep the CNAME record. By default the CNAME record will be removed. For ex.: SAVED_ONECOM_KeepCnameProxy='1' to keep the CNAME Record and speedup the process.
5 years ago
initial commit
6 years ago
Update to work with new one.com procedure Since some Months, its no longer possible to add TXT Records with the Name "_acme-challenge" to the base domain. To override the fallback value, you must use a CNAME and proxy it. For example. CNAME _acme-challenge.yourdomain.com => proxy_acme-challenge.yourdomain.com The TXT Records have to be created on proxy_acme-challenge.yourdomain.com Since the default CNAME TTL is 3600 seconds, it is recommended to leave the CNAME record. But if you would like to use the build-in SSL (for your web-site etc.) from one.com, you have to delete the record. A new variable "ONECOM_KeepCnameProxy" you can set in the account.conf is used to keep the CNAME record. By default the CNAME record will be removed. For ex.: SAVED_ONECOM_KeepCnameProxy='1' to keep the CNAME Record and speedup the process.
5 years ago
initial commit
6 years ago
Update to work with new one.com procedure Since some Months, its no longer possible to add TXT Records with the Name "_acme-challenge" to the base domain. To override the fallback value, you must use a CNAME and proxy it. For example. CNAME _acme-challenge.yourdomain.com => proxy_acme-challenge.yourdomain.com The TXT Records have to be created on proxy_acme-challenge.yourdomain.com Since the default CNAME TTL is 3600 seconds, it is recommended to leave the CNAME record. But if you would like to use the build-in SSL (for your web-site etc.) from one.com, you have to delete the record. A new variable "ONECOM_KeepCnameProxy" you can set in the account.conf is used to keep the CNAME record. By default the CNAME record will be removed. For ex.: SAVED_ONECOM_KeepCnameProxy='1' to keep the CNAME Record and speedup the process.
5 years ago
initial commit
6 years ago
updated to work with one.com rev command not found on OpenWrt CURL does not work, using wget JSESSIONID replaced with OneSIDCrmAdmin CSRF_G_TOKEN not needed
6 years ago
initial commit
6 years ago
try to remove errors in travis-ci
6 years ago
Updated to work with curl Now works with curl. Check the root domain.
6 years ago
updated to work with one.com rev command not found on OpenWrt CURL does not work, using wget JSESSIONID replaced with OneSIDCrmAdmin CSRF_G_TOKEN not needed
6 years ago
Updated to work with curl Now works with curl. Check the root domain.
6 years ago
updated to work with one.com rev command not found on OpenWrt CURL does not work, using wget JSESSIONID replaced with OneSIDCrmAdmin CSRF_G_TOKEN not needed
6 years ago
try to remove errors in travis-ci
6 years ago
Update to work with new one.com procedure Since some Months, its no longer possible to add TXT Records with the Name "_acme-challenge" to the base domain. To override the fallback value, you must use a CNAME and proxy it. For example. CNAME _acme-challenge.yourdomain.com => proxy_acme-challenge.yourdomain.com The TXT Records have to be created on proxy_acme-challenge.yourdomain.com Since the default CNAME TTL is 3600 seconds, it is recommended to leave the CNAME record. But if you would like to use the build-in SSL (for your web-site etc.) from one.com, you have to delete the record. A new variable "ONECOM_KeepCnameProxy" you can set in the account.conf is used to keep the CNAME record. By default the CNAME record will be removed. For ex.: SAVED_ONECOM_KeepCnameProxy='1' to keep the CNAME Record and speedup the process.
5 years ago
initial commit
6 years ago
Update to work with new one.com procedure Since some Months, its no longer possible to add TXT Records with the Name "_acme-challenge" to the base domain. To override the fallback value, you must use a CNAME and proxy it. For example. CNAME _acme-challenge.yourdomain.com => proxy_acme-challenge.yourdomain.com The TXT Records have to be created on proxy_acme-challenge.yourdomain.com Since the default CNAME TTL is 3600 seconds, it is recommended to leave the CNAME record. But if you would like to use the build-in SSL (for your web-site etc.) from one.com, you have to delete the record. A new variable "ONECOM_KeepCnameProxy" you can set in the account.conf is used to keep the CNAME record. By default the CNAME record will be removed. For ex.: SAVED_ONECOM_KeepCnameProxy='1' to keep the CNAME Record and speedup the process.
5 years ago
initial commit
6 years ago
Update to work with new one.com procedure Since some Months, its no longer possible to add TXT Records with the Name "_acme-challenge" to the base domain. To override the fallback value, you must use a CNAME and proxy it. For example. CNAME _acme-challenge.yourdomain.com => proxy_acme-challenge.yourdomain.com The TXT Records have to be created on proxy_acme-challenge.yourdomain.com Since the default CNAME TTL is 3600 seconds, it is recommended to leave the CNAME record. But if you would like to use the build-in SSL (for your web-site etc.) from one.com, you have to delete the record. A new variable "ONECOM_KeepCnameProxy" you can set in the account.conf is used to keep the CNAME record. By default the CNAME record will be removed. For ex.: SAVED_ONECOM_KeepCnameProxy='1' to keep the CNAME Record and speedup the process.
5 years ago
fix format
6 years ago
Update to work with new one.com procedure Since some Months, its no longer possible to add TXT Records with the Name "_acme-challenge" to the base domain. To override the fallback value, you must use a CNAME and proxy it. For example. CNAME _acme-challenge.yourdomain.com => proxy_acme-challenge.yourdomain.com The TXT Records have to be created on proxy_acme-challenge.yourdomain.com Since the default CNAME TTL is 3600 seconds, it is recommended to leave the CNAME record. But if you would like to use the build-in SSL (for your web-site etc.) from one.com, you have to delete the record. A new variable "ONECOM_KeepCnameProxy" you can set in the account.conf is used to keep the CNAME record. By default the CNAME record will be removed. For ex.: SAVED_ONECOM_KeepCnameProxy='1' to keep the CNAME Record and speedup the process.
5 years ago
initial commit
6 years ago
Update dns_one.sh
6 years ago
updated to work with one.com rev command not found on OpenWrt CURL does not work, using wget JSESSIONID replaced with OneSIDCrmAdmin CSRF_G_TOKEN not needed
6 years ago
cleanup according to styleguide
6 years ago
updated to work with one.com rev command not found on OpenWrt CURL does not work, using wget JSESSIONID replaced with OneSIDCrmAdmin CSRF_G_TOKEN not needed
6 years ago
cleanup according to styleguide
6 years ago
updated to work with one.com rev command not found on OpenWrt CURL does not work, using wget JSESSIONID replaced with OneSIDCrmAdmin CSRF_G_TOKEN not needed
6 years ago
cleanup according to styleguide
6 years ago
Updated to work with curl Now works with curl. Check the root domain.
6 years ago
cleanup according to styleguide
6 years ago
fixed error in CI
6 years ago
updated to work with one.com rev command not found on OpenWrt CURL does not work, using wget JSESSIONID replaced with OneSIDCrmAdmin CSRF_G_TOKEN not needed
6 years ago
Updated to work with curl Now works with curl. Check the root domain.
6 years ago
Update to work with new one.com procedure Since some Months, its no longer possible to add TXT Records with the Name "_acme-challenge" to the base domain. To override the fallback value, you must use a CNAME and proxy it. For example. CNAME _acme-challenge.yourdomain.com => proxy_acme-challenge.yourdomain.com The TXT Records have to be created on proxy_acme-challenge.yourdomain.com Since the default CNAME TTL is 3600 seconds, it is recommended to leave the CNAME record. But if you would like to use the build-in SSL (for your web-site etc.) from one.com, you have to delete the record. A new variable "ONECOM_KeepCnameProxy" you can set in the account.conf is used to keep the CNAME record. By default the CNAME record will be removed. For ex.: SAVED_ONECOM_KeepCnameProxy='1' to keep the CNAME Record and speedup the process.
5 years ago
Updated to work with curl Now works with curl. Check the root domain.
6 years ago
cleanup according to styleguide
6 years ago
Updated to work with curl Now works with curl. Check the root domain.
6 years ago
cleanup according to styleguide
6 years ago
Updated to work with curl Now works with curl. Check the root domain.
6 years ago
cleanup according to styleguide
6 years ago
Updated to work with curl Now works with curl. Check the root domain.
6 years ago
cleanup according to styleguide
6 years ago
Updated to work with curl Now works with curl. Check the root domain.
6 years ago
cleanup according to styleguide
6 years ago
Updated to work with curl Now works with curl. Check the root domain.
6 years ago
try to remove errors in travis-ci
6 years ago
Update to work with new one.com procedure Since some Months, its no longer possible to add TXT Records with the Name "_acme-challenge" to the base domain. To override the fallback value, you must use a CNAME and proxy it. For example. CNAME _acme-challenge.yourdomain.com => proxy_acme-challenge.yourdomain.com The TXT Records have to be created on proxy_acme-challenge.yourdomain.com Since the default CNAME TTL is 3600 seconds, it is recommended to leave the CNAME record. But if you would like to use the build-in SSL (for your web-site etc.) from one.com, you have to delete the record. A new variable "ONECOM_KeepCnameProxy" you can set in the account.conf is used to keep the CNAME record. By default the CNAME record will be removed. For ex.: SAVED_ONECOM_KeepCnameProxy='1' to keep the CNAME Record and speedup the process.
5 years ago
  1. #!/usr/bin/env sh
  2. # -*- mode: sh; tab-width: 2; indent-tabs-mode: s; coding: utf-8 -*-
  4. # one.com ui wrapper for acme.sh
  5. # Author: github: @diseq
  6. # Created: 2019-02-17
  7. # Fixed by: @der-berni
  8. # Modified: 2020-04-07
  9. #
  10. # export ONECOM_User="username"
  11. # export ONECOM_Password="password"
  12. #
  13. # Usage:
  14. # acme.sh --issue --dns dns_one -d example.com
  15. #
  16. # only single domain supported atm
  18. dns_one_add() {
  19. fulldomain=$1
  20. txtvalue=$2
  22. if ! _dns_one_login; then
  23. _err "login failed"
  24. return 1
  25. fi
  27. _debug "detect the root domain"
  28. if ! _get_root "$fulldomain"; then
  29. _err "root domain not found"
  30. return 1
  31. fi
  33. subdomain="${_sub_domain}"
  34. maindomain=${_domain}
  36. useProxy=0
  37. if [ "${_sub_domain}" = "_acme-challenge" ]; then
  38. subdomain="proxy${_sub_domain}"
  39. useProxy=1
  40. fi
  42. _debug subdomain "$subdomain"
  43. _debug maindomain "$maindomain"
  45. if [ $useProxy -eq 1 ]; then
  46. #Check if the CNAME exists
  47. _dns_one_getrecord "CNAME" "$_sub_domain" "$subdomain.$maindomain"
  48. if [ -z "$id" ]; then
  49. _info "$(__red "Add CNAME Proxy record: '$(__green "\"$_sub_domain\" => \"$subdomain.$maindomain\"")'")"
  50. _dns_one_addrecord "CNAME" "$_sub_domain" "$subdomain.$maindomain"
  52. _info "Not valid yet, let's wait 1 hour to take effect."
  53. _sleep 3600
  54. fi
  55. fi
  57. #Check if the TXT exists
  58. _dns_one_getrecord "TXT" "$subdomain" "$txtvalue"
  59. if [ ! -z "$id" ]; then
  60. _info "$(__green "Txt record with the same value found. Skip adding.")"
  61. return 0
  62. fi
  64. _dns_one_addrecord "TXT" "$subdomain" "$txtvalue"
  65. if [ -z "$id" ]; then
  66. _err "Add CNAME record error."
  67. return 1
  68. else
  69. _info "$(__green "Added, OK ($id)")"
  70. return 0
  71. fi
  72. }
  74. dns_one_rm() {
  75. fulldomain=$1
  76. txtvalue=$2
  78. if ! _dns_one_login; then
  79. _err "login failed"
  80. return 1
  81. fi
  83. _debug "detect the root domain"
  84. if ! _get_root "$fulldomain"; then
  85. _err "root domain not found"
  86. return 1
  87. fi
  89. subdomain="${_sub_domain}"
  90. maindomain=${_domain}
  92. useProxy=0
  93. if [ "${_sub_domain}" = "_acme-challenge" ]; then
  94. subdomain="proxy${_sub_domain}"
  95. useProxy=1
  96. fi
  98. _debug subdomain "$subdomain"
  99. _debug maindomain "$maindomain"
  100. if [ $useProxy -eq 1 ]; then
  101. if [ "$ONECOM_KeepCnameProxy" = "1" ]; then
  102. _info "$(__red "Keeping CNAME Proxy record: '$(__green "\"$_sub_domain\" => \"$subdomain.$maindomain\"")'")"
  103. else
  104. #Check if the CNAME exists
  105. _dns_one_getrecord "CNAME" "$_sub_domain" "$subdomain.$maindomain"
  106. if [ ! -z "$id" ]; then
  107. _info "$(__red "Removing CNAME Proxy record: '$(__green "\"$_sub_domain\" => \"$subdomain.$maindomain\"")'")"
  108. _dns_one_delrecord "$id"
  109. fi
  110. fi
  111. fi
  113. #Check if the TXT exists
  114. _dns_one_getrecord "TXT" "$subdomain" "$txtvalue"
  115. if [ -z "$id" ]; then
  116. _err "Txt record not found."
  117. return 1
  118. fi
  120. # delete entry
  122. if _dns_one_delrecord "$id"; then
  123. _info "$(__green Removed, OK)"
  124. return 0
  125. else
  126. _err "Removing txt record error."
  127. return 1
  128. fi
  129. }
  131. #_acme-challenge.www.domain.com
  132. #returns
  133. # _sub_domain=_acme-challenge.www
  134. # _domain=domain.com
  135. _get_root() {
  136. domain="$1"
  137. i=2
  138. p=1
  139. while true; do
  140. h=$(printf "%s" "$domain" | cut -d . -f $i-100)
  142. if [ -z "$h" ]; then
  143. #not valid
  144. return 1
  145. fi
  147. response="$(_get "https://www.one.com/admin/api/domains/$h/dns/custom_records")"
  149. if ! _contains "$response" "CRMRST_000302"; then
  150. _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
  151. _domain="$h"
  152. return 0
  153. fi
  154. p=$i
  155. i=$(_math "$i" + 1)
  156. done
  157. _err "Unable to parse this domain"
  158. return 1
  159. }
  161. _dns_one_login() {
  163. # get credentials
  164. ONECOM_KeepCnameProxy="${ONECOM_KeepCnameProxy:-$(_readaccountconf_mutable ONECOM_KeepCnameProxy)}"
  165. ONECOM_User="${ONECOM_User:-$(_readaccountconf_mutable ONECOM_User)}"
  166. ONECOM_Password="${ONECOM_Password:-$(_readaccountconf_mutable ONECOM_Password)}"
  167. if [ -z "$ONECOM_User" ] || [ -z "$ONECOM_Password" ]; then
  168. ONECOM_User=""
  169. ONECOM_Password=""
  170. _err "You didn't specify a one.com username and password yet."
  171. _err "Please create the key and try again."
  172. return 1
  173. fi
  175. #save the api key and email to the account conf file.
  176. _saveaccountconf_mutable ONECOM_User "$ONECOM_User"
  177. _saveaccountconf_mutable ONECOM_Password "$ONECOM_Password"
  179. # Login with user and password
  180. postdata="loginDomain=true"
  181. postdata="$postdata&displayUsername=$ONECOM_User"
  182. postdata="$postdata&username=$ONECOM_User"
  183. postdata="$postdata&targetDomain="
  184. postdata="$postdata&password1=$ONECOM_Password"
  185. postdata="$postdata&loginTarget="
  186. #_debug postdata "$postdata"
  188. response="$(_post "$postdata" "https://www.one.com/admin/login.do" "" "POST" "application/x-www-form-urlencoded")"
  189. #_debug response "$response"
  191. # Get SessionID
  192. JSESSIONID="$(grep "OneSIDCrmAdmin" "$HTTP_HEADER" | grep "^[Ss]et-[Cc]ookie:" | _head_n 1 | _egrep_o 'OneSIDCrmAdmin=[^;]*;' | tr -d ';')"
  193. _debug jsessionid "$JSESSIONID"
  195. if [ -z "$JSESSIONID" ]; then
  196. _err "error sessionid cookie not found"
  197. return 1
  198. fi
  200. export _H1="Cookie: ${JSESSIONID}"
  202. return 0
  203. }
  205. _dns_one_getrecord() {
  206. type="$1"
  207. name="$2"
  208. value="$3"
  209. if [ -z "$type" ]; then
  210. type="TXT"
  211. fi
  212. if [ -z "$name" ]; then
  213. _err "Record name is empty."
  214. return 1
  215. fi
  217. response="$(_get "https://www.one.com/admin/api/domains/$maindomain/dns/custom_records")"
  218. response="$(echo "$response" | _normalizeJson)"
  219. _debug response "$response"
  221. if [ -z "${value}" ]; then
  222. id=$(printf -- "%s" "$response" | sed -n "s/.*{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\"${name}\",\"type\":\"${type}\",\"content\":\"[^\"]*\",\"priority\":0,\"ttl\":600}.*/\1/p")
  223. response=$(printf -- "%s" "$response" | sed -n "s/.*{\"type\":\"dns_custom_records\",\"id\":\"[^\"]*\",\"attributes\":{\"prefix\":\"${name}\",\"type\":\"${type}\",\"content\":\"\([^\"]*\)\",\"priority\":0,\"ttl\":600}.*/\1/p")
  224. else
  225. id=$(printf -- "%s" "$response" | sed -n "s/.*{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\"${name}\",\"type\":\"${type}\",\"content\":\"${value}\",\"priority\":0,\"ttl\":600}.*/\1/p")
  226. fi
  227. if [ -z "$id" ]; then
  228. _err "Record not found."
  229. return 1
  230. fi
  231. return 0
  232. }
  234. _dns_one_addrecord() {
  235. type="$1"
  236. name="$2"
  237. value="$3"
  238. if [ -z "$type" ]; then
  239. type="TXT"
  240. fi
  241. if [ -z "$name" ]; then
  242. _err "Record name is empty."
  243. return 1
  244. fi
  246. postdata="{\"type\":\"dns_custom_records\",\"attributes\":{\"priority\":0,\"ttl\":600,\"type\":\"${type}\",\"prefix\":\"${name}\",\"content\":\"${value}\"}}"
  247. _debug postdata "$postdata"
  248. response="$(_post "$postdata" "https://www.one.com/admin/api/domains/$maindomain/dns/custom_records" "" "POST" "application/json")"
  249. response="$(echo "$response" | _normalizeJson)"
  250. _debug response "$response"
  252. id=$(echo "$response" | sed -n "s/{\"result\":{\"data\":{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\"$subdomain\",\"type\":\"TXT\",\"content\":\"$txtvalue\",\"priority\":0,\"ttl\":600}}},\"metadata\":null}/\1/p")
  254. if [ -z "$id" ]; then
  255. return 1
  256. else
  257. return 0
  258. fi
  259. }
  261. _dns_one_delrecord() {
  262. id="$1"
  263. if [ -z "$id" ]; then
  264. return 1
  265. fi
  267. response="$(_post "" "https://www.one.com/admin/api/domains/$maindomain/dns/custom_records/$id" "" "DELETE" "application/json")"
  268. response="$(echo "$response" | _normalizeJson)"
  269. _debug response "$response"
  271. if [ "$response" = '{"result":null,"metadata":null}' ]; then
  272. return 0
  273. else
  274. return 1
  275. fi
  276. }